Summary | ZeroBOX

SearchUI.exe

Tags: UPX, OS Processor Check, PE32, PE File
Category: FILE
Machine: s1_win7_x6401
Started: Feb. 3, 2025, 9:59 a.m.
Completed: Feb. 3, 2025, 10:03 a.m.
Size 17.1KB
Type PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
MD5 d72791d9eb757581772716a7573c4a4c
SHA256 b87870c36a1c770960979d8958aeb12c0537b5287bd420555931e6f4a28bbebf
CRC32 E4C986C0
ssdeep 384:e8Dr+sQ8zL+/JRrhr/y8vtbNAF4cHjmqLCJPEfhSvLTLKLFwZIzz:ppmJdJy8vNQ/iqGJPEfhSvLTLKLFwZI/
Yara
  • PE_Header_Zero - PE File Signature
  • IsPE32 - (no description)
  • UPX_Zero - UPX packed file
  • OS_Processor_Check_Zero - OS Processor Check

DNS (Name / Response / Post-Analysis Lookup): no hosts contacted.
IP traffic (IP Address / Status / Action): no hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

packer UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
section UPX1: virtual_address 0x0000a000, virtual_size 0x00003000, size_of_data 0x00002c00, entropy 7.843365963810497; description: A section with a high entropy has been found
entropy 0.666666666667 (this score is the fraction of raw section data held in high-entropy sections, not a bits-per-byte entropy); description: Overall entropy of this PE file is high
API calls (Time & API / Arguments / Status / Return / Repeated):

LookupPrivilegeValueW
  system_name: (empty)
  privilege_name: SeTakeOwnershipPrivilege
  status 1, return 1, repeated 0
section UPX0 description Section name indicates UPX
section UPX1 description Section name indicates UPX
registry HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString
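The three packer checks above (UPX section names, a high-entropy section, and the overall high-entropy ratio) can be reproduced offline without the sandbox. The following is an added Python example, not ZeroBOX or Cuckoo code and not derived from the sample on this page: it parses the PE section table with the standard library, computes Shannon entropy per section and applies the checks. The thresholds (6.8 bits per byte for a section, 0.2 for the overall ratio) are assumptions in the style of Cuckoo's packer_entropy signature. The PE image it scans is constructed inline and does not run: UPX0 with no raw data, UPX1 with 0x2c00 bytes of pseudo-random filler as in the report, plus an assumed 0x1600-byte zero-filled .data section, which makes the overall ratio come out at the report's 2/3.

```python
import hashlib
import math
import struct

# Assumed thresholds, in the style of Cuckoo's packer_entropy signature (not taken from this page).
SECTION_ENTROPY_THRESHOLD = 6.8   # bits per byte; an LZMA-packed UPX1 section sits near 7.8-8.0
OVERALL_RATIO_THRESHOLD = 0.2     # share of raw section data that lives in high-entropy sections


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for empty or constant input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    # Every term is <= 0, so abs() yields the positive entropy without a -0.0 edge case.
    return abs(sum((c / n) * math.log2(c / n) for c in counts if c))


def parse_sections(image: bytes) -> list:
    """Walk the PE section table (IMAGE_SECTION_HEADER, 40 bytes each) and return one dict per section."""
    if image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe_off = struct.unpack_from("<I", image, 0x3C)[0]          # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    nsects = struct.unpack_from("<H", image, pe_off + 6)[0]      # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", image, pe_off + 20)[0]   # COFF SizeOfOptionalHeader
    table = pe_off + 24 + opt_size
    sections = []
    for i in range(nsects):
        name, vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", image, table + 40 * i)
        raw = image[rawptr:rawptr + rawsize] if rawsize else b""  # virtual-only sections (UPX0) have no raw data
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_address": vaddr,
            "virtual_size": vsize,
            "size_of_data": rawsize,
            "raw": raw,
        })
    return sections


def packer_signatures(image: bytes) -> dict:
    """Apply the checks the report shows: UPX section names, high-entropy sections, overall ratio."""
    findings = {"upx_sections": [], "high_entropy_sections": [], "overall_ratio": 0.0, "overall_high": False}
    total = high = 0
    for sec in parse_sections(image):
        if sec["name"].upper().startswith("UPX"):
            findings["upx_sections"].append(sec["name"])
        ent = shannon_entropy(sec["raw"])
        total += len(sec["raw"])
        if ent > SECTION_ENTROPY_THRESHOLD:
            findings["high_entropy_sections"].append((sec["name"], round(ent, 3)))
            high += len(sec["raw"])
    if total:
        findings["overall_ratio"] = high / total
        findings["overall_high"] = findings["overall_ratio"] > OVERALL_RATIO_THRESHOLD
    return findings


def _pseudo_random(n: int, seed: bytes = b"constructed sample") -> bytes:
    """Deterministic high-entropy filler (chained SHA-256) standing in for LZMA-compressed UPX1 data."""
    out = bytearray()
    block = seed
    while len(out) < n:
        block = hashlib.sha256(block).digest()
        out += block
    return bytes(out[:n])


def build_sample_image() -> bytes:
    """Constructed, minimal PE32-shaped buffer for the demo; it is NOT SearchUI.exe and cannot execute.
    Sections: UPX0 (virtual only), UPX1 (0x2c00 raw bytes of filler, as in the report) and an assumed
    0x1600-byte zero-filled .data section so the ratio check has low-entropy data to weigh against."""
    def header(name, vsize, vaddr, rawsize, rawptr, characteristics):
        return struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, rawsize, rawptr, 0, 0, 0, 0, characteristics)

    upx1 = _pseudo_random(0x2C00)
    data = bytes(0x1600)
    hdr = bytearray(0x400)                              # DOS header, PE headers and section table, 0x400-aligned
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)             # e_lfanew: PE header at 0x40
    struct.pack_into("<4sHHIIIHH", hdr, 0x40, b"PE\0\0", 0x14C, 3, 0, 0, 0, 0xE0, 0x0102)
    struct.pack_into("<H", hdr, 0x40 + 24, 0x10B)       # optional header magic PE32; the rest stays zeroed
    table = (header(b"UPX0", 0x9000, 0x1000, 0, 0, 0xE0000080)
             + header(b"UPX1", 0x3000, 0xA000, len(upx1), 0x400, 0xE0000040)
             + header(b".data", 0x1600, 0xD000, len(data), 0x400 + len(upx1), 0xC0000040))
    off = 0x40 + 24 + 0xE0
    hdr[off:off + len(table)] = table
    return bytes(hdr) + upx1 + data


if __name__ == "__main__":
    image = build_sample_image()
    for sec in parse_sections(image):
        print(f"{sec['name']:<8} raw {len(sec['raw']):#07x}  entropy {shannon_entropy(sec['raw']):.3f}")
    print(packer_signatures(image))
```

On a real sample, replace build_sample_image() with the bytes of the file under analysis; the entropy figure for UPX1 will then be close to the 7.84 the report shows, and the ratio check explains why the "overall" score is 0.67 rather than a value near 8.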
Antivirus results (vendor / detection):
Bkav W32.AIDetectMalware
Cylance Unsafe
VIPRE Trojan.GenericKD.75713367
BitDefender Trojan.GenericKD.75713367
Arcabit Trojan.Generic.D4834B57
VirIT Trojan.Win32.StartPage.AAEK
Symantec Trojan Horse
Kaspersky UDS:DangerousObject.Multi.Generic
Alibaba Trojan:Win32/StartPage.63cfbae6
MicroWorld-eScan Trojan.GenericKD.75713367
Rising Malware.Generic!8.BA4C (CLOUD)
Emsisoft Trojan.GenericKD.75713367 (B)
McAfeeD ti!B87870C36A1C
Trapmine suspicious.low.ml.score
CTX exe.trojan.startpage
Sophos Mal/Generic-S
SentinelOne Static AI - Suspicious PE
FireEye Trojan.GenericKD.75713367
Jiangmin Trojan/Agent.brsg
Webroot W32.Malware.Gen
Google Detected
Antiy-AVL Trojan/Win32.Agent
Kingsoft Win32.Troj.Unknown.a
Gridinsoft Trojan.Win32.Startpage.vl!n
Xcitium Malware@#2cl1l2ow6hw49
GData Trojan.GenericKD.75713367
Varist W32/A-a988b8e2!Eldorado
McAfee Artemis!D72791D9EB75
DeepInstinct MALICIOUS
Malwarebytes Trojan.Regedit
Zoner Trojan.Win32.77483
MaxSecure Trojan.Malware.2588.susgen
Fortinet W32/PossibleThreat
Paloalto generic.ml